The final rush before this year's April 17 tax deadline puts everyone on edge — including tax professionals — making folks easy targets for scammers.

Did you just get a letter from the IRS that asks you to verify your identity — even when you still haven't filed your 2017 tax return? If so, it's possible a con artist already filed a tax return using your ID.

We're all worried that somehow our Social Security numbers and other personal data are out there after the Equifax hacking incident. Or maybe our personal information is out there after it was stolen at a doctor's office or via a data security breach at a college campus.

But did you ever think that the computer system for the company or person who prepares your taxes could have been hacked?

There's a growing concern that sophisticated ID thieves could be stealing some information, such as bank account numbers, from tax professionals in a phishing e-mail known as the "New Client" scam. Tax professionals are increasingly a target for data theft, according to the Internal Revenue Service.

Already this filing season, the IRS disclosed an upswing in reported thefts of taxpayer information from the offices of tax practitioners. About 75 firms acknowledged taxpayer data thefts in January and February — a nearly 60% increase from the same time last year.

"The amount of identity theft and phishing e-mails are so prevalent right now that vigilance has got to be the word," said Eric Canvasser, a certified public accountant with his own firm in Farmington Hills.

Canvasser said he's received more than a dozen e-mails in the past year from people who are asking him how much he would charge to do their taxes. Often the e-mails will say: "Attached is my W-2 and my mortgage statement."

Think about it. If you were shopping for a new CPA or tax preparer, would you blindly send your important tax documents as an attachment?

But that's part of the scam. Crooks want tax professionals to download a virus onto their computers.

This is how the scam works

According to the IRS, malware can take over the victim’s computer hard drive, giving someone remote access to the computer, or it could look for passwords and other information and send them to the scammer. Fraudsters can then use the information they gather to commit identity theft, gain access to bank accounts and more.

Fraudulent e-mails are sent to CPAs, tax practitioners and others most often under the guise of real taxpayers looking for tax help.

A scam e-mail could read: "I just moved here from Ohio. I have an urgent tax issue and was hoping you could help. I hope you are taking on new clients."

Again, such e-mails typically have an attachment that supposedly includes an IRS notice and the supposed tax return for the previous year.

The scam might be easy to spot unless you get distracted doing your job.

Canvasser said most tax professionals know that they need to delete the e-mails and not open the attachments. Canvasser even changed his e-mail account from AOL to another server to try to reduce fake e-mails and avoid hacking.

But Canvasser recognizes that anyone can make a mistake, too, especially if they're juggling phone calls, e-mails, and other responsibilities during tax season.

"This time of the year there isn't a practitioner out there who doesn't have dozens of things going on at the same time," Canvasser said.

One scam can lead to another one down the road.

The IRS attributed much of the increase in the number of reported thefts of taxpayer data to a new scam. Con artists who file fake tax returns to steal refund cash now are giving the IRS the bank account information of everyday consumers in order to get direct deposit of fraudulent refunds.

The IRS said this "erroneous refund" scam has already claimed thousands of taxpayer victims.

After the money hits the real taxpayer's account, the victim might get a phone call from someone pretending to be debt collection official working on behalf of the IRS. The impersonator might say the refund was deposited in error and they ask the taxpayer to forward the money to their collection agency.

Of course, people who fall for it end up handing over money to crooks, not the IRS.

The IRS Criminal Investigation Division is continuing an investigation into data thefts from offices of tax professionals earlier in 2018.

Signs to watch for

The IRS has warned tax professionals to be on high alert to any signs of fraud. Some signs of trouble:

Suddenly, a string of e-filed returns are being rejected out of that tax preparation office. Why? Could be the scammers got access to your database. Returns would be rejected by the IRS if another tax return was filed earlier in the year using the same Social Security numbers.

Clients who haven't yet filed their 2017 tax returns are now calling and wondering why they're receiving authentication letters from the IRS about their returns. Maybe they've gotten a letter like a 5071C or a 4883C form letter to verify their identity. Or maybe they've even received a 5747C letter from the IRS that actually requires a taxpayer to go to an IRS Taxpayer Assistance Center to verify their identity.

The tax professional seems to be noticing that network computers are running slower than normal. Or maybe those computers are even locking out tax practitioners. Could be another sign of the hackers at work.

Suddenly, there's an unusual spike in the number of returns that are being filed using the tax practitioner's electronic filing identification number. Maybe even more returns are filed than the typical number of clients.